From f2ed99cd297040568170fb93e7481919060f29e7 Mon Sep 17 00:00:00 2001
From: Benedikt Peetz
Date: Thu, 24 Oct 2024 14:44:27 +0200
Subject: refactor(modules/impermanence): Move all optional dirs to their modules

This increases the locality of configurations and makes it easier to see, what happens, when you enable a module.
---
 flake/nixosConfigurations/common.nix | 11 ++-
 modules/by-name/bl/bluetooth/module.nix | 4 ++
 modules/by-name/bo/boot/module.nix | 6 ++
 modules/by-name/im/impermanence/module.nix | 26 -------
 modules/by-name/ne/networking/module.nix | 107 ++++++++++++++++-------------
 modules/by-name/po/postgresql/module.nix | 4 ++
 modules/by-name/wa/waydroid/module.nix | 22 ++++--
 7 files changed, 101 insertions(+), 79 deletions(-)
diff --git a/flake/nixosConfigurations/common.nix b/flake/nixosConfigurations/common.nix
index bdf65a35..585e883b 100644
--- a/flake/nixosConfigurations/common.nix
+++ b/flake/nixosConfigurations/common.nix
@@ -12,7 +12,16 @@
 };
 home-manager.enable = true;
- impermanence.enable = true;
+ impermanence = {
+ enable = true;
+
+ directories = [
+ "/etc/nixos"
+ "/var/log"
+ "/var/lib/systemd"
+ "/var/lib/nixos"
+ ];
+ };
 polkit.enable = true;
 power.enable = true;
diff --git a/modules/by-name/bl/bluetooth/module.nix b/modules/by-name/bl/bluetooth/module.nix
index bf1c6a90..486f6e6f 100644
--- a/modules/by-name/bl/bluetooth/module.nix
+++ b/modules/by-name/bl/bluetooth/module.nix
@@ -10,6 +10,10 @@ in {
 };
 config = lib.mkIf cfg.enable {
+ soispha.impermanence.directories = [
+ "/var/lib/bluetooth"
+ ];
+
 hardware = {
 bluetooth = {
 enable = true;
diff --git a/modules/by-name/bo/boot/module.nix b/modules/by-name/bo/boot/module.nix
index 711e9d23..8b71ce65 100644
--- a/modules/by-name/bo/boot/module.nix
+++ b/modules/by-name/bo/boot/module.nix
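Review bot: In the common.nix hunk, the four base paths (`/etc/nixos`, `/var/log`, `/var/lib/systemd`, `/var/lib/nixos`) are now defined only in this host-level file, while the same commit removes the `default` from the impermanence module. A configuration that enables the module without going through common.nix would presumably persist none of them; for `/var/log` that means logs would not survive a reboot, which matters for audit and incident review. Consider keeping the base list in the impermanence module's own `config`, or at least add a comment above the list such as `# base set: every host that enables impermanence must persist these`.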
@@ -67,6 +67,12 @@ in {
 # copyExtraFilesForBoot = copyExtraFiles;
 # };
+ # This should only be necessary for `lanzaboote`, but that is the current default in
+ # this module.
+ soispha.impermanence.directories = [
+ "/etc/secureboot"
+ ];
+
 boot = {
 initrd = {
 kernelModules = ["nvme" "btrfs"];
diff --git a/modules/by-name/im/impermanence/module.nix b/modules/by-name/im/impermanence/module.nix
index 9730dde6..513a91b7 100644
--- a/modules/by-name/im/impermanence/module.nix
+++ b/modules/by-name/im/impermanence/module.nix
@@ -10,32 +10,6 @@ in {
 directories = lib.mkOption {
 type = lib.types.listOf lib.types.str;
- default =
- [
- "/etc/nixos"
- "/var/log"
- "/var/lib/systemd"
- "/var/lib/nixos"
- ]
- ++ lib.optional config.networking.networkmanager.enable "/etc/NetworkManager"
- ++ lib.optional config.boot.lanzaboote.enable "/etc/secureboot"
- ++ lib.optional config.hardware.bluetooth.enable "/var/lib/bluetooth"
- ++ lib.optional config.virtualisation.waydroid.enable "/var/lib/waydroid"
- ++ lib.optional config.services.postgresql.enable "/var/lib/postgresql";
-
- defaultText = lib.literalExpression ''
- [
- "/etc/nixos"
- "/var/log"
- "/var/lib/systemd"
- "/var/lib/nixos"
- ]
- ++ lib.optional config.networking.networkmanager.enable "/etc/NetworkManager"
- ++ lib.optional config.boot.lanzaboote.enable "/etc/secureboot"
- ++ lib.optional config.hardware.bluetooth.enable "/var/lib/bluetooth"
- ++ lib.optional config.virtualisation.waydroid.enable "/var/lib/waydroid"
- ++ lib.optional config.services.postgresql.enable "/var/lib/postgresql"
- '';
 description = "The directories to persist";
 };
 };
diff --git a/modules/by-name/ne/networking/module.nix b/modules/by-name/ne/networking/module.nix
index c5f0e491..8448e9b3 100644
--- a/modules/by-name/ne/networking/module.nix
+++ b/modules/by-name/ne/networking/module.nix
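Review bot: In the boot/module.nix hunk, `/etc/secureboot` is now added to the persisted set without the `config.boot.lanzaboote.enable` guard that the removed default in the impermanence module used; the new comment acknowledges this but does not restore it. That directory is presumably where the Secure Boot signing keys are kept, so it should be persisted only when it is actually in use. Keeping the old condition is a one-line change: `soispha.impermanence.directories = lib.optional config.boot.lanzaboote.enable "/etc/secureboot";`. The enclosing `config` block starts and ends outside the hunk, so whether it already sits under a `lib.mkIf` is not visible here.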
@@ -29,60 +29,71 @@ in {
 };
 };
- config = {
- networking.hostName = cfg.hostName;
-
- systemd.network = lib.mkIf (cfg.mode == "systemd-networkd") {
- networks = {
- "tap0" = {
- name = "tap0";
- bridge = [
- "virbr0"
- ];
- };
- "enp4s0" = {
- name = "enp4s0";
- networkConfig = {
- DHCP = "yes";
- DNSOverTLS = "yes";
- DNSSEC = "yes";
+ config =
+ lib.mkIf cfg.enable
+ (lib.modules.mkMerge [
+ {
+ networking.hostName = cfg.hostName;
+ }
+ (lib.mkIf (cfg.mode == "systemd-networkd") {
+ systemd.network = {
+ networks = {
+ "tap0" = {
+ name = "tap0";
+ bridge = [
+ "virbr0"
+ ];
+ };
+ "enp4s0" = {
+ name = "enp4s0";
+ networkConfig = {
+ DHCP = "yes";
+ DNSOverTLS = "yes";
+ DNSSEC = "yes";
+ };
+ bridge = [
+ "virbr0"
+ ];
+ };
 };
- bridge = [
- "virbr0"
- ];
- };
- };
- netdevs = {
- "tap0" = {
- netdevConfig = {
- Name = "tap0";
- Kind = "tap";
- };
- tapConfig = {
- User = config.users.users."${cfg.userName}".uid;
- Group = "libvirtd";
+ netdevs = {
+ "tap0" = {
+ netdevConfig = {
+ Name = "tap0";
+ Kind = "tap";
+ };
+ tapConfig = {
+ User = config.users.users."${cfg.userName}".uid;
+ Group = "libvirtd";
+ };
+ };
+ "virbr0" = {
+ netdevConfig = {
+ Name = "br0";
+ Kind = "bridge";
+ };
+ };
 };
 };
- "virbr0" = {
- netdevConfig = {
- Name = "br0";
- Kind = "bridge";
+ })
+
+ (lib.mkIf (cfg.mode == "NetworkManager") {
+ networking.networkmanager = {
+ enable = true;
+ dns = "default";
+ wifi = {
+ powersave = true;
 };
 };
- };
- };
- networking.networkmanager = lib.mkIf (cfg.mode == "NetworkManager") {
- enable = true;
- dns = "default";
- wifi = {
- powersave = true;
- };
- };
+ soispha.impermanence.directories = [
+ "/etc/NetworkManager"
+ ];
- users.users."${cfg.userName}".extraGroups = lib.mkIf (cfg.mode == "NetworkManager") [
- "networkmanager" # allows to configure NetworkManager as this user
- ];
- };
+ users.users."${cfg.userName}".extraGroups = [
+ "networkmanager" # allows to configure NetworkManager as this user
+ ];
+ })
+ ]);
 }
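Review bot: `networking.hostName = cfg.hostName;` was set unconditionally before and now sits inside `lib.mkIf cfg.enable`, so a host that leaves this module disabled would silently fall back to the default host name; that is a behaviour change in a commit described as moving directories. The declaration of the `enable` option lies above the hunk and is not visible, so confirm that it exists and is set on every host. Separately, `/etc/NetworkManager` contains the stored connection profiles, which can hold Wi-Fi and VPN secrets; a comment on the new entry would help, e.g. `# includes system-connections/ (stored PSKs); the persisted copy must stay root-only`.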
diff --git a/modules/by-name/po/postgresql/module.nix b/modules/by-name/po/postgresql/module.nix
index c47a235c..62233e96 100644
--- a/modules/by-name/po/postgresql/module.nix
+++ b/modules/by-name/po/postgresql/module.nix
@@ -10,6 +10,10 @@ in {
 };
 config = lib.mkIf cfg.enable {
+ soispha.impermanence.directories = [
+ "/var/lib/postgresql"
+ ];
+
 services.postgresql = {
 enable = true;
 };
diff --git a/modules/by-name/wa/waydroid/module.nix b/modules/by-name/wa/waydroid/module.nix
index 4680db63..58bce7d1 100644
--- a/modules/by-name/wa/waydroid/module.nix
+++ b/modules/by-name/wa/waydroid/module.nix
@@ -1,5 +1,19 @@
-{...}: {
- # FIXME: Running `waydroid session start` causes all fuse mounts instances to coredump <2023-09-02>
- # Thus this setting must be false.
- virtualisation.waydroid.enable = false;
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.soispha.waydroid;
+in {
+ options.soispha.waydroid = {
+ enable = lib.mkEnableOption "waydroid";
+ };
+ config = lib.mkIf cfg.enable {
+ # FIXME: Running `waydroid session start` causes all fuse mounts instances to coredump <2023-09-02>
+ # Thus this setting must be false.
+ virtualisation.waydroid.enable = false;
+ soispha.impermanence.directories = [
+ "/var/lib/waydroid"
+ ];
+ };
 }
-- 
cgit 1.4.1
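Review bot: In the waydroid/module.nix hunk, `/var/lib/waydroid` is persisted whenever `soispha.waydroid.enable` is set, although the same block keeps `virtualisation.waydroid.enable = false`; the removed default persisted it only under `config.virtualisation.waydroid.enable`. Enabling the module therefore only adds a persisted directory for a service that stays off. Tie the entry to the real switch, `soispha.impermanence.directories = lib.optional config.virtualisation.waydroid.enable "/var/lib/waydroid";`, and state in the option description that `enable` does not currently start waydroid, so the FIXME is visible to whoever sets it.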